diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man3/OSSL_CRMF_pbmp_new.3')
| -rw-r--r-- | secure/lib/libcrypto/man/man3/OSSL_CRMF_pbmp_new.3 | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/secure/lib/libcrypto/man/man3/OSSL_CRMF_pbmp_new.3 b/secure/lib/libcrypto/man/man3/OSSL_CRMF_pbmp_new.3 index 95ecd22aff83..0c1e8ac30583 100644 --- a/secure/lib/libcrypto/man/man3/OSSL_CRMF_pbmp_new.3 +++ b/secure/lib/libcrypto/man/man3/OSSL_CRMF_pbmp_new.3 @@ -1,5 +1,5 @@ .\" -*- mode: troff; coding: utf-8 -*- -.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45) +.\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45) .\" .\" Standard preamble: .\" ======================================================================== @@ -52,10 +52,13 @@ . \} .\} .rr rF +.\" +.\" Required to disable full justification in groff 1.23.0. +.if n .ds AD l .\" ======================================================================== .\" .IX Title "OSSL_CRMF_PBMP_NEW 3ossl" -.TH OSSL_CRMF_PBMP_NEW 3ossl 2025-09-30 3.5.4 OpenSSL +.TH OSSL_CRMF_PBMP_NEW 3ossl 2026-04-07 3.5.6 OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -81,7 +84,7 @@ OSSL_CRMF_pbmp_new .Ve .SH DESCRIPTION .IX Header "DESCRIPTION" -\&\fBOSSL_CRMF_pbm_new()\fR generates a PBM (Password-Based MAC) based on given PBM +\&\fBOSSL_CRMF_pbm_new()\fR generates a PBM (Password\-Based MAC) based on given PBM parameters \fIpbmp\fR, message \fImsg\fR, and secret \fIsec\fR, along with the respective lengths \fImsglen\fR and \fIseclen\fR. The optional library context \fIlibctx\fR and \fIpropq\fR parameters may be used @@ -93,22 +96,23 @@ allocated MAC via the \fImac\fR reference parameter and writes the length via th .PP \&\fBOSSL_CRMF_pbmp_new()\fR initializes and returns a new \fBPBMParameter\fR structure with a new random salt of given length \fIsaltlen\fR, -OWF (one-way function) NID \fIowfnid\fR, OWF iteration count \fIitercnt\fR, +OWF (one\-way function) NID \fIowfnid\fR, OWF iteration count \fIitercnt\fR, and MAC NID \fImacnid\fR. The library context \fIlibctx\fR parameter may be used to select the provider for the random number generation (DRBG) and may be NULL for the default. .SH NOTES .IX Header "NOTES" -The algorithms for the OWF (one-way function) and for the MAC (message +The algorithms for the OWF (one\-way function) and for the MAC (message authentication code) may be any with a NID defined in \fI<openssl/objects.h>\fR. -As specified by RFC 4210, these should include NID_hmac_sha1. +For backward compatibility with RFC 4210, these should include NID_hmac_sha1. .PP -RFC 4210 recommends that the salt SHOULD be at least 8 bytes (64 bits) long, +RFC 4210 recommended that the salt SHOULD be at least 8 bytes (64 bits) long, where 16 bytes is common. .PP The iteration count must be at least 100, as stipulated by RFC 4211, and is limited to at most 100000 to avoid DoS through manipulated or otherwise malformed input. +See RFC 9045 for currently suggested values. .SH "RETURN VALUES" .IX Header "RETURN VALUES" \&\fBOSSL_CRMF_pbm_new()\fR returns 1 on success, 0 on error. |